Russian military botnet discovered on 1000+ compromised routers — FBI deactivated Moobot by taking control of impacted::A GRU botnet using Moobot was installed on unsecured routers (including those belonging to many homes and small businesses) with default admin passwords.
We have national security standards (NIST) that describe the playbook for OS and device security, but no ways to help catch or enforce they are used. As heavy handed as it is, I’m starting to think we need enforcement of certain security basics on consumer goods to stop shit like this from happening constantly. Sure, there will always be zero-day issues out there, but default admin credentials not being set shouldn’t even be possible.
Login to router, “As a courtesy, we changed your password -the cia”
Ahhh feel safe now.
